TouchVPN is a big mystery to us. First of all, we can’t exactly pinpoint the current owner of the service. The latest news is that AnchorFree acquired TouchVPN and JustVPN in one swoop, but we still can’t tell you the name of the original owner. We’re already familiar with AnchorFree as the company that launched Hotspot Shield.
Our research of TouchVPN yielded the following names: Skutin Alexey, Igor Glotov, and Stanislav Ovsyannikov, which were introduced as creators of TouchVPN. Apart from all being Russian, these three individuals have one company in common, Jelastic, which is, apparently, still in business in Russia, even though they all reported working for AnchorFree in the San Francisco Bay Area.
Their LinkedIn pages are filled with previous experiences in Russian no-name software companies, which doesn’t inspire confidence, to say the least. On top of that, Stanislav Ovsyannikov has an obviously fake Facebook profile. We still weren’t able to determine what Northghost is exactly, but it just looks like a purchasing hub for TouchVPN and two other apps. TouchVPN Twitter page features only three identical tweets and a very small number of followers. Its Facebook presence is almost non-existent, apart from a few advertising attempts from rather suspicious profiles.
Keeping all of this in mind, let’s take a look at TouchVPN’s security features.
- Anonymous information, including hardware specifications, approximate geolocation, date of software installation, browser type/version, operating system (version/language), registry entries, the dates of your visits, URL r4equests, and timestamps.
- Personal information, including name, email address, IP address, payment info, and screen name. If you connect to TouchVPN through a third-party service like Facebook, it will gain access to the information you have on your profile as well.
TouchVPN supports only PPTP protocol, which just won’t do for the reasons we’re about to mention. A quick side note, though, Alexey Skutin’s LinkedIn page describes TouchVPN as an “Android VPN client app based on OpenVPN technology,” even though there’s no mention of this in its description on Google Play.
PPTP or Point-to-Point Tunneling Protocol has many documented security issues. The specification of the protocol doesn’t define its encryption and authentication features, which prevents us from giving you any relevant information in that regard.
In conclusion, PPTP is a relic of the past offered by respected VPNs simply as a “cosmetic add-on” without any intention of anybody actually using it. To base a VPN service entirely on PPTP is borderline unprofessional as much as it is dangerous for the end user.
TouchVPN doesn’t allow torrenting or any P2P activities. The official FAQ (using the term rather generously here) states that all illegal activities will be exposed to the authorities.
TouchVPN is just a mess and its new owners will have to put in A LOT of work if they want to create a semi-decent VPN service. In its current state, TouchVPN is inefficient, confusing, and downright dangerous.